
Zscaler: "we want to be the Salesforce.com of Internet security!"

On November 15, I was invited with a group of journalists to a press tour in Silicon Valley (a sequel to our June 2010 press tour in the Valley). Our first presentation took place in Sunnyvale, Calif. at the main office of Zscaler, a ground-breaking cloud security provider.

The landscape has evolved

The security landscape has changed dramatically over the past decade. Whereas most security threats (apart from social engineering) used to come from outside devices like floppy disks or the more recent USB keys, the vast majority of threats now come directly from the Internet. This has forced enterprises to equip themselves with a flurry of protection devices and software which have, over the years, generated staggering complexity, and this complexity is increasingly getting out of hand. Traffic and policy management have become so important that the very dissemination of such rules and policies is a major pain point for CIOs, not to mention the fact that simple techniques such as URL filtering are not always proving very effective. Besides, traditional security measures generate humongous log files. Something had to be done, especially in this age of cloud computing, in which all clients are now seeking to rent their IT instead of buying it. Zscaler's approach is therefore not to compete in the same market as traditional players, but to redefine the game plan by providing security in the cloud.

The Zscaler blog

The company is security savvy and dedicated to the Web community. To that end, Zscaler has developed an R&D blog available at http://research.zscaler.com. The blog is packed with information about Web security, and you are particularly advised to download their own BlackSheep Firefox plug-in, a security tool which will protect your device from the Firesheep Wi-Fi sniffing plug-in, so that your Facebook details are not stolen by malicious people.

The Future?

What will be the future for Zscaler? Will the company sell itself to a bigger company? Zscaler is getting so many calls from VCs throughout the week that it would be an option, were it not that its CEO does not consider this one of his objectives. Zscaler is now performing so well that they think they are in a position "to build the salesforce.com of Internet Security". So far, the security market is a $1.2bn market dominated by a few players, with small players in the background. But the market is growing 30% year on year, and Zscaler's CEO thinks that it is still new and that "no one had ever done it properly so far". This is why Zscaler thinks it can be a major player in that market by disrupting it and changing the ball game.

Below is a transcript of the presentation as it was delivered on November 15 in Sunnyvale, Calif. (the presentation was delivered by Shrey Bhatia, Zscaler's head of worldwide field management, and its CEO, Jay Chaudhry)

R&D across 3 continents, and owns 30 patents on cloud security technologies

with offices in 15 countries, US, Europe and APAC

positioned as the "most visionary" company by Gartner

growing revenue by 50%

clients include LVMH, Allianz, VW, Coca Cola, Wipro etc.

"anyone who uses the Internet is a potential client of ours"

in France, there are already many clients (see slide), and Orange Business Services is a partner of Zscaler's (some of the French clients quoted on that slide were closed with Orange Business Services)

market overview: examples of how security is evolving on the Internet

Web (HTTP protocol) has become the main attack vector

over 80% of threats now come from the Web, up from 5% in 2000

It's no longer USB disks or floppy disks

85% of all traffic coming in and out of all companies (all types, small or large) is Web-based; this is why threats are coming from there too

Challenges facing the world in terms of Internet security

all content is active, live with Flash and Java, and this is what is making security threats more challenging

filtering: most companies want to control where employees are going. But old list-based URL filtering is not working anymore. Facebook and Wikipedia have evolving URLs which change all the time. Besides, blocking Facebook is an issue if the same company is launching multi-million-dollar advertising campaigns on Facebook!

bandwidth is a real issue. Video is 20 times more demanding than text, and companies are very concerned about the amount of bandwidth which is being used by video

Road warriors are a new challenge too: people use salesforce.com and so many other online applications that the Web has become critical. So it is of paramount importance to protect the road warriors

the last and one of the biggest challenges is cost and complexity: CEOs require CIOs to do 20% more with a flat or even decreased budget

What Zscaler does and how they do it

Zscaler sits between the user and the Internet anywhere in the world, wherever they are, and whatever device they use. The user connects to the Zscaler cloud, and Zscaler, as the trusted third party, terminates the transaction to the Internet.

This is done with no hardware, no software, no plug-in, nothing!

This is why very international companies choose Zscaler.

How is it done?

the browser has proxy settings; changing the proxy setting is all you have to do, and it can be done remotely

it can be done at device or office level, from the firewall or router

Zscaler's cloud is the most global cloud in the industry

The "policies" are kept in the cloud and follow companies and users as they move: the policies are moved to the closest data centre. This is what is called "shadow policies"

Latency is important, and this is why data centres have to be as close to users as possible

In the past 6-7 years, companies have deployed MPLS networks: the biggest benefit is that bandwidth is divided by 2 and that latency is also improved. But network topologies are changing slowly because enterprises have spent a lot of time putting all their network topology together and they are naturally reluctant to throw everything away now. Hence it's best to let them become more confident with the service before they change their network infrastructure and re-engineer it.


cost-effectiveness

for all French customers, Zscaler is managing tens of thousands of users with just two boxes, and this is a lot easier and more cost-effective than managing the complexity of myriad CPEs (Customer Premises Equipment)

Will it slow things down?

Traditional security devices are firewall devices which weren't designed to scale

Zscaler had to build new boxes which are very scalable

The standard cost to open 1 data centre is $1m, whereas Zscaler is able to open one for a fraction of that, with 2 boxes, and can serve half a million users for that price

nanolog technology is a special technology, developed by Zscaler, which compresses logs and speeds up transactions (traditional logs for an average large company are going to generate 50-100GB of data every day. None of that information can be searched or used)

If everything is centralised, how do you minimise threats?

the goal of a cracker is to get to the user's machine and monetise information or turn it into a bot

Zscaler is just a conduit, hence it's just a bridge, and there is not much value in accessing Zscaler's boxes

Zscaler spends an awful lot of time and R&D to protect their servers and make the service safe